Reuters reports that German authorities have issued a warrant for the arrest of Dmitry Badin, a GRU operator wanted in connection with a 2015 hack of the Bundestag.
Researchers at Intezer have identified new Linux-based botnet malware they're calling "Kaiji." It's apparently the work of a developer in China, and it's designed to infect IoT devices and herd them into a botnet adapted to distributed denial-of-service attacks. ZDNet reports that Kaiji gains access to targeted devices via SSH brute-force attacks.
Pen Test Partners say they've demonstrated a disturbing proof-of-concept: a "crying wolf" attack against commercial aviation's Traffic Alert & Collision Avoidance System (TCAS). It's possible to induce "ghost contacts" in the system, and some aircraft might automatically respond to such false reports by altering course. The potential risk to flight safety is obvious. Threatpost points out that the ghosts won't show up on radar, and that pilots may well trust, probably will trust, radar more than TCAS, but the proof-of-concept remains troubling nonetheless.
Cryptominers continue to exploit vulnerabilities in the Salt remote task and configuration framework. ComputerWeekly writes that Xen Orchestra users have been affected, as have users of the Ghost blogging platform. The Register reports that DigiCert has also been affected.
Roblox user data have been compromised in ways that enable the attacker not only to access personal information, but to dispense in-game currency. WIRED says the attacker bribed a Roblox insider to provide access, and then sought to claim a bug bounty from the game company.